Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse kiwi vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2011-3180
kiwi prior to 4.98.08, as used in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1, allows malicious users to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.
Suse Kiwi
Suse Studio Onsite 1.2
Suse Studio Extension For System Z 1.2
7.5
CVSSv2
CVE-2011-4192
kiwi prior to 4.85.1, as used in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1, allows malicious users to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."
Suse Kiwi
Suse Studio Extension For System Z 1.2
Suse Studio Onsite 1.2
7.5
CVSSv2
CVE-2011-4195
kiwi prior to 4.98.05, as used in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1, allows malicious users to execute arbitrary commands via shell metacharacters in an image name.
Suse Studio Extension For System Z 1.2
Suse Kiwi
Suse Studio Onsite 1.2
4.3
CVSSv2
CVE-2011-2644
Cross-site scripting (XSS) vulnerability in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, related to an RPM info display.
Marcus Schafer Kiwi
Novell Suse Studio Onsite 1.1
7.5
CVSSv2
CVE-2011-2645
Unspecified vulnerability in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to execute arbitrary code via a crafted filename for a custom RPM.
Novell Suse Studio Onsite 1.1
Marcus Schafer Kiwi
7.5
CVSSv2
CVE-2011-2647
Unspecified vulnerability in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to execute arbitrary code via a crafted archive name in the list of testdrive modified files.
Marcus Schafer Kiwi
Novell Suse Studio Onsite 1.1
7.5
CVSSv2
CVE-2011-2649
Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows malicious users to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call.
Novell Suse Studio Onsite 1.1
Marcus Schafer Kiwi
4.3
CVSSv2
CVE-2011-2650
Cross-site scripting (XSS) vulnerability in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to inject arbitrary web script or HTML via a crafted pattern name that is included in an RPM info display.
Novell Suse Studio Onsite 1.1
Marcus Schafer Kiwi
7.5
CVSSv2
CVE-2011-2651
Unspecified vulnerability in the file browser in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to execute arbitrary code via a crafted filename.
Novell Suse Studio Onsite 1.1
Marcus Schafer Kiwi
4.3
CVSSv2
CVE-2011-2652
Cross-site scripting (XSS) vulnerability in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to inject arbitrary web script or HTML via a crafted archive file list that is used in an overlay file.
Marcus Schafer Kiwi
Novell Suse Studio Onsite 1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »